Agenda day 2

Day 1 wrap up and moreIt’s all about the XBOXManagement Packs for DummiesManagement Packs, a closer look

So far

Overview of SCOM functionInstallationBut… what about availability

Microsoft Confidential

Side by Side MigrationSame Hardware Approach

20052005

20052005

20072007

20072007

20052005

Management Group 1 - 2005Management Group 1 - 2005

Management Group 2 –2007Management Group 2 –2007

20072007

Microsoft Confidential

Side by Side MigrationNew Hardware Approach

20052005

20052005

20072007

20072007

20052005

Management Group 1 - Management Group 1 - 20052005

Management Group 2 - Management Group 2 - 20072007

20072007

5

High Availability Consideration

6

High Availability Consideration

7

Deployment Security Considerations

Account Name Asked During Used For Low Maintenance High Security

Management Server Action Account

Management Server Setup

Collect Data from provider and run responses

Local SystemLow Privilege Domain Account

SDK and Config Service Account

Management Server Setup

Write to the Ops Database and run services

Local System Domain Account

Administrator Account

Discovery\Push Agent Install

Installing AgentsDomain or Local Administrator Account

Domain Account or Local Administrator Account

Agent Action Account

Discovery\Push Agent Install

Gather information and run responses on the managed computers

Local SystemLow Privilege Domain Account

Data Warehouse Write Account

Reporting Server Setup

Write to the Data Warehouse

Low Privilege Domain Account

Low Privilege Domain Account

Data Reader Account

Reporting Server Setup

Query SQL Reporting Services

Low Privilege Domain Account

Low Privilege Domain Account

Point A Direction Point B Port Protocol Configurable

DB Root MS OLEDB 1433 TCP Yes (Setup)

DB MS OLEDB 1433 TCP Yes (Setup)

Root MS MS 5723 TCP No

Root MS Gateway Server 5723 TCP Yes (Setup)

Root MS Data Warehouse OLEDB 1433 TCP No

Root MS Reporting Server 5724 TCP No

Root MS Operations Console 5723 TCP No

Root MSConnector Framework Source

51905 TCPNo

Root MS Web Console Server 5724 TCP No

Root MS (Top-Tier) Root MS (Mid-Tier) 5724 TCP No

Root MS, MS, Gateway Server Agent 5723 TCP Yes (Setup)

MS Gateway Server 5723 TCP Yes (Setup)

MS ACS Collector Agent (ACS Forwarder) 59109 TCP Yes (Reg Key)

MS AEM File Share AEM Data from client 51906, 445 TCP Yes (AEM Wizard)

MS SQM End Point SQM Data from client 51907 TCP Yes (AEM Wizard)

Gateway Server Gateway Server 5723 TCP Yes (Setup)

Operations Console (Reports) SQL Reporting Services 80 TCP No

Data Warehouse Reporting Server OLEDB 1433 TCP No

ACS Database MS ACS Collector OLEDB 1433 TCP No

Web Console Server Web Console Browser 51908, 443 TCPYes (Web Config

File)

Deployment Firewall/Security Considerations

Management Packs for Dummies

What is a Management PackWhat is out thereNow what?

What is a Management pack?

Very flexible and powerful way to extend OpsMgrTypical types of data that can be consumed

Event logs, performance counters, log filesSNMP data and traps, SyslogSomething that can be accessed through a scriptWS-man – WindowsRM (OpsMgr sp1)

XML document with knowledge about an applicationThe structure of the applicationHow to discover the applicationHow to monitor the applicationWhat to do when the application breaks

Sealed Management PacksSealed Management Packs

Read-onlyDigitally signed by vendorBenefits

Simplifies upgrading to a new versionEasy to roll back to original versionSimplifies troubleshooting for the vendor

Sealed Management Packs

Why Sealed MPs? IDVersionSigned by Certificate

ComposabilityMust use the full identityVersion indicates lowest version usableOnly sealed MPs can be referenced

Microsoft Management Packs

38 Management Packs Currently Published

18 more before December

~20 Windows Server 2008 MPs

5 more Native MPs being developedBiztalk R2Cluster2003 DNS2003 DHCPISA 2006

Windows Server 2008 MPs

All Windows Server 2008 Roles

Common library will be updated for down-level MPs

ADWINS DNS DHCP

There will be beta releases

Released MPs for Operations Mgr 2007Exchange Server 2003/2007

Windows Server 2000/2003 ADInformation WorkerMS Server 2000/03 OSMS Client 2000 XP OSWindows Server IIS 2000/2003SharePoint Portal Server 2003Windows SharePoint Services 2003Windows Server 2000/2003 Terminal ServicesSQL Server 2000/2005Windows Vista ClientWindows Update Services 3.0Dynamics CRM 3.0SMS 2003Office SharePoint Server 2007Windows SharePoint Services 3.0Windows DHCP Server 2003/2000Windows File Replication Service 2003/2000

Windows Group Policy 2003Windows Print Server 2003Biztalk Server 2006 Forefront for ExchangeForefront for SharepointWindows Network Load BalancingIdentity Integration Server 2003 Office Project Server 2007Windows DNS Server 2003/2000Windows Distributed File Systems 2003Windows Routing and Remote Access Service 2003Windows Distributed Transaction Coordinator 2000/2003Computer Cluster Server 2003Windows AD Federation Services 2003Windows Internet Naming Service 2000/2003ISA Server 2004/2006 Office Live Communications Server 2005

15

MP Roadmap for Operations Mgr 2007

Released H1 CY‘08

Exchange Server 2003Windows Server 2000/2003 AD Information WorkerMS Server 2000/03 OSMS Client 2000 XP OSWindows Server IIS 2000/03SharePoint Portal Server 2003Windows SharePoint Services 2003Windows Server 2000/03 Terminal

ServicesSQL Server 2000/05Windows Vista ClientWindows Update Services 3.0Dynamics CRM 3.0SMS 2003Office SharePoint Server 2007Windows SharePoint Services 3.0Windows DHCP Server 2003/2000Windows File Replication Service

2003/2000Windows Group Policy 2003Windows Print Server 2003Biztalk Server 2006 Forefront for ExchangeForefront for SharepointWindows Network Load Balancing Identity Integration Server 2003 Office Project Server 2007Windows DNS Server 2003/2000Windows Distributed File Systems 2003Windows Routing and Remote Access

Service 2003Windows Distributed Transaction

Coordinator 2000/2003Computer Cluster Server 2003Windows AD Federation Services 2003Windows Internet Naming Service

2000/2003 ISA Server 2004/2006 Office Live Communications Server 2005

Configuration Manager 2007 System Center Virtual Machine

Manager 2007 and Virtual Server 2005 Windows Server Clusters 2000/03 Exchange 2007 Windows Rights Management Services

2003Office SharePoint Server 2007 Windows SharePoint Services 3.0/LH Office Project Server 2007 System Center Data Protection

Manager 2006 Commerce Server 2007 Host Integration Server 2006 Windows Password Change Notification

Service 2003 Antigen 9.0 MOM Pack Windows Server Automated

Deployment Services 2003 Windows Server Performance Advisor

2003 Windows System Resource Manager

2003 Communicator Web Access 2005 Windows Key Management Services

2003 Office Communications Server 2007

Windows Server 2008 Windows Server 2008 AD Additional MPs (work in progress)

This information represents Microsoft Corporation's current view of its product development cycle. It was accurate at the time of publication. None of the information in this timetable should be interpreted as a commitment on the part of Microsoft Corporation.

Q4 CY’07

Localization Localization

• DHCP Server Service 2000/2003

• Print Server 2003

• DNS Server Service 200/2003

• Office Live Communications Server 2005 SP1

•System Center Data Protection Manager 2006

•Exchange Server 2003• SQL Server 2000/2005• Internet Information Services 2000/2003• Server 2000/2003 Operating System• XP Operating System• Information Worker• SharePoint Service 2.0 • SharePoint Portal Server 2003• Terminal Services 2000/2003• Vista Client Monitoring• Operations Manager 2007• Virtual Server 2005/Virtual Machine Manager 2007•Configuration Manager 2007• System Update Services 3.0• File Replication Service 2000/2003• SharePoint Service 3.0• Systems Management Server 2003•Forefront Security for Exchange 10.0•Forefront Security for SharePoint 10.0• Office Project Server 2007• DFS Service 2003• Compute Cluster Server 2003

• Streaming Media Services 2008• Server Clusters 2000/2003• UDDI/Web Service Directory 2008• Print Services 2008•Update Services Agent 2008• Cluster Services 2008• DHCP Services 2008• DNS Services 2008• Group Policy Services 2008• Commerce Server 2007• Communicator Web Access 2005

• Network Policy Services 2008• Terminal Services 2008• Server Core OS 2008• Web Services (IIS) 2008• AD Lightweight Directory Services 2008• AD Certificate Services 2008• Virtual Server Services 2008• Network Load Balancing 2008• Deployment Services 2008• Application Services 2008

Tools for Dealing with Sealed MP’s

MPViewer

Command Shell

Override Explorer

Partner Tools (like MPStudio 2007 – Silect Software)

Product Team Blogs: http://blogs.msdn.com/boris_yanushpolsky/http://blogs.msdn.com/jakuboleksy/http://blogs.technet.com/momteam/

Management Packs, a closer look

How to use Management PacksDiscoveriesHealth monitoringState monitoringMonitors

Management Pack contents

Attributes – to Discover if a role excistsDiscoveries – to lookup objects in a roleGroupsMonitors – to monitor objects and provide data in a service based model, and raise alerts if neededRules – monitor objects in a stand-alone model, and raise alerts if neededViews – look at that data almost realtimeTasks – diagnostic or to resolveKnowledge – knowhow of the dataReports – analyses and overview

Microsoft Confidential

Installing an AgentImporting a management packChanging a ruleA rule firing or a monitor changing stateExecuting a task

Management Pack Management

Override Best Practices

Store override in separate MPs

Do not use the “Disable” command in the override menu

Make sure that the parameter is overridden in all the rules and monitors.

Configure overrides for groups instead of specific instances

Object Discoveries

Objects and relationships are discovered:Objects and relationships are discovered:RegistryRegistry

WMIWMI

ScriptScript

OLEDBOLEDB

LDAPLDAP

Custom code (Managed)Custom code (Managed)

23

Discovered Objects

24

Discovered Relationships

stwilson15d\Instance1stwilson15d\Instance1

mastermaster

modelmodel

OperationsManagerOperationsManager

tempdbtempdb

test1test1

test2test2

stwilson15d.smx.netstwilson15d.smx.net

25

Health Modeling

Every class has a health modelCollection of monitorsArranged in a tree structureAs deep or as shallow as requiredRepresents the current state of the objectUse the health explorer to view

26

State Monitoring

Operations Manager 2005Watch for a conditionRaise an alertCreate a state change from the alert

Operations Manager 2007Watch for a conditionChange stateRoll up state as requiredOptionally generate an alert / notification

27

MonitorsA monitor is a state machineA monitor is in one state at any timeMonitors some aspect of an applicationHas a finite number of operational states (maximum of 3 in this release)Each operational state maps to a health stateDefines alerting conditions (optional)

SCOM 2007 uses Service Based Monitoring instead of Server Based Monitoring like MOM 2005 !!!!!

28

Aggregate Rollup Monitors

Use to show service dependencies

Exchange Server depends on DNS, Active Directory etc. if dns fails, an aggregate rollup monitor show exchange in a warning or critical state, even if these services do not reside on just one server. The computer holding the Exchange Server Role is not affected.

Dependency Rollup Monitor

Used to make the Windows Server running Exchange Role show as in same state as Aggregate Rollup if needed.

Unit Monitor

Monitor discrete events or servicesReactive, but very helpfullTest using EventCreate.exe

Eventcreate

/L <LogName> ie Application, Security, …/T <Type> ie Warning, Error, Warning, Information/SO <Source>/ID <EventID> 1-1000/D <Description>

Unit Monitors

Simple Windows Event Unit MonitorLook for one Event to occur

Correlated Windows Event Unit MonitorLook for related Events to occur in certain order

Windows Services Unit MonitorChecks if service is running, if not… RedHot

SNMP Probe-Based Unit MonitorSends SNMP traps to determine a state

Monitors (State monitoring)

Object

SecurityHealth

ConfigurationHealth

OverallHealth

AvailabilityHealth

PerformanceHealth

ServiceCheck

ProcessUtilization

SQL 2005DB Engine

Unit Monitors

Aggregate Monitors

33

Health Model

Entity

Logical Entity

Local Application

Windows Computer Role

SQL Server

34

Health Model – Roll up

SQL Server

35

Monitor Types – Data Sources

EventPerformanceWMILog fileSNMP TrapWS-Man

ScriptOLEDBLDAPSyslogCrimsonAnd more…

36

Monitor Types - Workflows

Event based:Simple eventsCorrelationConsolidationMissingAnd more…

Performance based:Average

DeltaConsecutive samples

Self tuning

And more…

Pick the type to suit your needsCompose a new workflow if required

37

Dependency MonitorsSQL 2005 DB EngineSQL 2005 DB Engine

SQL 2005 DBSQL 2005 DB

HostingHostingDependency Monitor

38

Dependency MonitorsSQL 2005 DB EngineSQL 2005 DB Engine

SQL 2005 DBSQL 2005 DB

HostingHosting

39

Threshold Monitors (perfmon)

Static Threshold MonitorTriggers Alert at certain level

Self-Tuning Threshold MonitorAllows for tuning values

Self-Tuning Thresholds

OpsMgr agent learns the behavior of a counterRecorded behavior is used to generate alerts at the right timeLearning can be continuous

Optimized Performance Collection

Significantly reduces the amount of data stored in the databaseCan be configured on a per-counter basisTolerance can be configured using an absolute or percentage value

Absolute or Percentage

Absolute works well for counters with values in a limited range

Example: Processor Utilization can range between 0 and 100

Percentage works well for counters with values in an unknown range

Example: TCP Connections

Create one of your own

Approach to building a MPTargeting

Approach to building a MP

Gather the requirements

Find the knowledgeIn the heads of customers, support staff, operators

Application Developers and IT Professionals

Build it

Deploy it in a real work environment and refine

Discipline to the process

Common questions?How long will it take?

Can we get it listed in the Microsoft catalog?

Building a Management Pack

Operations ConsoleAuthoring ConsoleXML Editor

Management Pack Building Blocks

TypesTypes

RulesRules

MonitorsMonitors

TasksTasks

ViewsViews

OverridesOverrides

ReportsReports

OtherOther

Targeting

Microsoft Operations Manager (MOM) 2005Create a computer groupCreate a rule groupAdd rules to rule groupAssociate rule group with computer group

Operations Manager (OpsMgr) 2007Create a typeCreate the discovery for that typeCreate a rule or monitor targeted to that type

Microsoft Confidential

Targeting All Managed ComputersExample:You want to monitor failed logon attempts on Windows

Computers

GOODUse Windows Operating System to target all Windows managed nodes (desktop and servers)Use Windows Server Operating System to target all Windows server managed nodes (all versions)Use Windows Server 2003 Operating System to target all Windows Server 2003 managed nodes

BADDon’t use Agent:

The monitor will not work for agent-less managed computers.The monitor will affect the health state of the Agent which is not what you want.

Don’t use Computer:Management packs for non windows management are likely to use computer as the base type for types such as Unix computer. The monitor that you just created will not work against non windows computers.The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr.

Don’t use Windows Computer:The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr.

Microsoft Confidential

Operating System ModelOperating SystemOperating System

Windows Operating Windows Operating SystemSystem

Windows Server Windows Server Operating SystemOperating System

Windows Client Windows Client Operating SystemOperating System

Windows Windows Server 2000 Server 2000

Operating Operating SystemSystem

Windows Windows Server 2003 Server 2003

Operating Operating SystemSystem

Windows XP Windows XP Operating Operating

SystemSystem

Windows Vista Windows Vista Operating Operating

SystemSystem

Other Operating Other Operating SystemSystem

Inheritance

Microsoft Confidential

Targeting A Server RoleExample:You want to monitor file cache hits on Web Servers

GOODUse IIS Server Role 2003 to target all IIS 2003 Web Servers. Use IIS Server Role to target all IIS Web Servers. Currently this would apply to Windows 2000 and 2003 IIS servers. With the release of Windows Server 2008 MP, this would also apply to Windows Server 2003 IIS Web Servers.

BADDon’t use Windows Server 2003 Operating System

The monitor will apply to all Windows 2003 Operating Systems regardless of whether IIS is installed or not.

Don’t use Windows ServerThe monitor will apply to all Windows Servers regardless of whether IIS is installed or not.

Don’t use Windows ComputerThe monitor will apply to all Windows computers (both desktops and servers) regardless of whether IIS is installed or not .

Don’t use ComputerIf management packs for other operating systems are installed, the monitor will apply to non windows computers as well. However the monitor will not function correctly.

Microsoft Confidential

Computer Role ModelComputer RoleComputer Role

Windows Computer Windows Computer RoleRole

IIS Server RoleIIS Server Role SQL RoleSQL Role

IIS 2000 IIS 2000 Server RoleServer Role

IIS 2003 IIS 2003 Server RoleServer Role SQL DB EngineSQL DB Engine SQL Reporting SQL Reporting

ServicesServices

Other OS Computer Other OS Computer RoleRole

Inheritance

Microsoft Confidential

Targeting Some Managed ComputersExample:You want to monitor failed logon attempts on Windows

Computers in RedmondGOOD

Use Windows Operating System to target all Windows managed nodes (desktop and servers)Use Windows Server Operating System to target all Windows server managed nodes (all versions)Use Windows Server 2003 Operating System to target all Windows Server 2003 managed nodesOnce you have picked the right type for the situation, create a disabled monitor. Add all Redmond computers to a group. Create an override to enable the monitor for the group.

BADDon’t use Agent:

The monitor will not work for agent-less managed computers.The monitor will affect the health state of the Agent which is not what you want.

Don’t use Computer:Management packs for non windows management are likely to use computer as the base type for types such as Unix computer. The monitor that you just created will not work against non windows computers.The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr.

Don’t use Windows Computer:The monitor will execute against all windows computers. Both clients and servers that are managed by OpsMgr. Failed logons is actually an attribute of the operating system rather than the computer.

Ways to get data into OpsMgr

Management pack consuming or creating the data (this is the better integrated method)

OpsMgr existing data source modulesWrite to event log, build a perf counter

Scripts executed within a MPCall a script on a timed interval and insert data back in for evaluation

Creating a inserting “connector” through SDK apisManage discoveryInsert events, performance data associated to instancesUse monitors to create alerts and change state

Report TypesNew generic reportsLinked (specialized) reports

Supporting database objects (views, functions, stored procedures)New storage structures (tables) and collection for new data types

Reports

What is a quality MP?

• Leverages the full capabilities of Operations Manager 2007• Uses the OpsMgr agent on Windows platforms• Defines and discovers the model including relationships• Provides tasks to configure target applications/components

to be managed• Provides component specific Health Models,

troubleshooting knowledge, tasks and specific reports• Provides synthetic transactions for user facing components• Provides component problem specific resolution tasks• Is globalized and localized in the same languages as

Operations Manager• Provides configuration and deployment guidance

documentation